Starting in Q1 2025, software providers in the DoD supply chain must align their security with CMMC 2.0 standards. While many enterprise customers have been spending that past year getting ready, the reality is that most businesses don’t share this level of preparedness–specifically, small businesses. 

Meeting the challenges of a complex framework like CMMC can be challenging for SMBs with limited IT resources. Here, we’ll discuss how these organizations can prepare for their impending compliance requirements and maintain their contractual arrangements within the Defense supply chain. 

Read More

Generative AI is in the news, as usual. However, one of the big pushes we’re seeing lately is how the practices used by AI providers like OpenAI may violate user privacy. 

This, of course, is a big no-no for jurisdictions like the EU. 

Here, we’re dipping into the world of AI to talk about the latest complaint against OpenAI and how this speaks to privacy and GDPR compliance issues. 

Read More

We’ve previously written about the importance of NVLAP Common Criteria accreditation for lab testing and validating products for use in high-risk industries. It’s probably unsurprising that we are markedly interested in cybersecurity labs’ requirements. 

Here, we’re discussing NVLAP Common Criteria accreditation for cybersecurity labs–what it is, how it is unique for assessed labs, and some challenges you might face. 

Read More